No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe
Jump to a Section
  • At the Office
    • Ethics
    • HR Compliance
    • Leadership & Career
    • Well-Being at Work
  • Compliance & Risk
    • Compliance
    • FCPA
    • Fraud
    • Risk
  • Finserv & Audit
    • Financial Services
    • Internal Audit
  • Governance
    • ESG
    • Getting Governance Right
  • Infosec
    • Cybersecurity
    • Data Privacy
  • Opinion
    • Adam Balfour
    • Jim DeLoach
    • Mary Shirley
    • Yan Tougas
No Result
View All Result
Corporate Compliance Insights
Home GRC Vendor News

New Report Finds Compliance Regulations Are Driving Boards to Make Cybersecurity the Top Priority

by Corporate Compliance Insights
September 28, 2016
in GRC Vendor News
New Report Finds Compliance Regulations Are Driving Boards to Make Cybersecurity the Top Priority

Third study in series finds support for, but struggles with, increasing regulations and demand for adding more board security expertise

September 28, 2016 (San Francisco) — Bay Dynamics®, a leader in cyber risk analytics, unveiled today the third in a series of reports, all of which examine how boards of directors and IT security professionals prioritize, communicate and reduce cyber risk.  The report, titled, “What’s Driving Boards of Directors to Make Cyber Security a Top Priority?” uncovers the specific drivers behind why boards of directors are making cybersecurity a top priority and the challenges they face in reducing cyber risk. In particular, the report found that 46 percent of board members believe compliance regulations help establish stronger security, but nearly 60 percent struggle with meeting increased mandates — a nearly 20 percent jump over the past two years.

The report is based on a nationwide survey, conducted by the third-party research firm Osterman Research, that interviewed 126 board members who are actively serving on boards of enterprises and receive reports about companies’ cybersecurity programs. Some of the additional findings include:

  • Chasm Between Intent and Execution — Nearly half of the board members surveyed believe that regulations are “very” sufficient in helping to protect corporate data assets.  However, as regulations increase, a growing proportion of companies struggle to satisfy their cybersecurity mandates.  Nearly 60 percent expressed that mandates are “somewhat” or “very” difficult to satisfy — a number that has increased by almost 20 percent from 2014 to 2016.
  • Knowledge is Power — Three out of five board members believe that one or more of their fellow board members should be a CISO or some other type of cybersecurity expert. The previous survey, “How Boards of Directors Really Feel about Cyber Security Reports,” revealed that more than half of the board members felt they were at a disadvantage as security reporting is too technical.  With only one in six board members claiming substantial expertise in understanding the nuances and implications of cybersecurity issues, that power deficiency is driving a 60 percent belief that one or more board members should be a CISO or some other type of cybersecurity expert.
  • The Drive to Comply — The previous survey also found that cybersecurity has become the top priority in the boardroom, surpassing other operational risks. This current survey reveals the number one driver of board members making cybersecurity a top priority is complying with regulatory requirements. In the past two years, there has been an 11-fold increase in the number of organizations citing increased regulation from the government as a driver and a similarly dramatic increase from industry bodies. Close behind, with a 10-fold increase, were fears of lawsuits and regulatory penalties. Shockingly, these factors drove more reaction and action than the experience of a breach at their own company.

This report complements two previously released reports in 2016.  In addition to “How Boards of Directors Really Feel about Cyber Security Reports,” Bay Dynamics and Osterman Research also published “Reporting to the Board: Where CISOs and The Board are Missing the Mark,” which is based on a survey asking IT and security executives about the challenges they face communicating cyber risk issues to the board.

“This series of reports demonstrates a positive shift in how boards of directors are prioritizing and approaching cyber risk issues,” said Ryan Stolte, co-founder and Chief Technology Officer at Bay Dynamics. “It is clear that boards understand that they are responsible for setting the cyber risk appetite of an organization. This current report shows that board members want to understand and be actively involved in the cyber risk reduction process. That includes making decisions that drive continuous compliance and going a step further by adding a board member with cyber-specific expertise who speaks the same language as the trusted security executives advising them.”

“The survey reveals that boards of directors in larger companies are taking cybersecurity and cyber risk much more seriously than they were just two years ago,” said Michael Osterman, Principal Analyst with Osterman Research. “Board members are increasingly recognizing the critical importance of becoming better educated about cyber-related issues and relying on trusted advisors that can increase their expertise on critical cybersecurity and cyber risk issues.”

Report Series:

  • What’s Driving Boards of Directors to Make Cyber Security a Top Priority, September 2016
  • How Boards of Directors Really Feel about Cyber Security Reports, June 2016
  • Reporting to the Board: Where CISOs and the Board are Missing the Mark, Feb 2016

About Bay Dynamics

Bay Dynamics® is a cyber risk management company that helps enterprises measure, communicate and reduce cyber risk. The company’s flagship analytics software, Risk Fabric®, automates the process of analyzing security information so that it’s traceable, trustworthy and prioritized. The platform makes cyber risk everyone’s business – from employees to line-of-business application owners to the board – and actively engages all parties in measurably reducing it. Bay Dynamics enables some of the world’s largest organizations to understand the state of their cybersecurity posture, including contextual awareness of what their insiders, vendors and bad actors are doing, which is key to effective cyber risk management. For more information, please visit www.baydynamics.com.

Follow Bay Dynamics on Twitter at www.twitter.com/BAYDYNAMICS, on LinkedIn at www.linkedin.com/company/bay-dynamics/ and on Facebook at www.facebook.com/bay.dynamics.

Bay Dynamics and Risk Fabric are registered trademarks of Bay Dynamics, Inc.  Other trademarks mentioned are the property of their respective owners.


Previous Post

AppZen Launches ReceiptIQ™

Next Post

PDVSA at the Center of International Anti-Corruption Efforts

Corporate Compliance Insights

Corporate Compliance Insights

Corporate Compliance Insights

Related Posts

robot nurturing a good idea

Innovation vs. Compliance: In the Age of AI, Why Not Both?

by Asha Palmer
June 17, 2025

As governments scramble to regulate AI, forward-thinking companies are writing their own compliance playbooks

human robot working as team pie chart

Smart Machines, Smarter Humans: Why Compliance Still Needs a Human Touch

by Roman Eloshvili
June 17, 2025

From the 2008 financial crisis to everyday judgment calls, the case for keeping humans in the compliance loop

data privacy leader concept

Who’s Minding Your Data? The Case for Dedicated Privacy Leadership

by Daniel Barber
June 16, 2025

As state privacy laws multiply and AI introduces new vulnerabilities, the question isn't whether you need dedicated privacy expertise —...

abstract obscured data colorful

NIST’s Differential Privacy Guidelines: 6 Critical Areas for Secure Implementation

by Michelle Drolet
June 16, 2025

Standard de-identification methods remain vulnerable to sophisticated attacks, but differential privacy offers mathematical guarantees that scale with emerging threats

Next Post
Multinational coalition targets corruption in Venezuela

PDVSA at the Center of International Anti-Corruption Efforts

No Result
View All Result

Privacy Policy | AI Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Research
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2025 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT
No Result
View All Result
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe

© 2025 Corporate Compliance Insights